We performed a comparison between AWS WAF and Microsoft Azure Application Gateway based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Based on the parameters we compared, AWS WAF has a slight edge over Microsoft Azure Application Gateway. Our reviewers found Microsoft to have challenges with stability, scalability, and support.
"AWS WAF is very easy to use and configure on AWS."
"AWS WAF is something that someone from a cloud background or cloud security background leverages. If they want to natively use a solution in the cloud, AWS WAF comes in handy. It's very useful for that, and the way we can fine-tune the WAF rules is also nice."
"One common use case is using detection protection for enhancing security models in AWS. Another use case is implementing log analysis and response recovery procedures for email services."
"This is not a product that you need to install. You just use it."
"The solution is stable."
"We do not have to maintain the solution."
"The most valuable feature is the way it blocks threats to external applications."
"The interface is good."
"We chose this solution in the first place because it has access to Layer 7. I can control the requests and the content, which I can access on my network if I want to even if it's forbidden access to other external resources. If I want to monitor, for example, traffic, and apply this rule on Layer 7, I can do so. This was our main goal when implementing this application. We wanted to take advantage of the Gateway capabilities."
"The most valuable feature of Microsoft Azure Application Gateway is its ease of use."
"This is a SaaS product, so it is always up to date."
"The most valuable feature of the solution is traffic management."
"We use the product in front-end and back-end applications to do the load balancing smartly."
"Some of the key features of this solution are the low-level maintenance required, floating proxy service, and load balancing."
"The tool helps manage microservices by providing developers with a platform to conduct tests and assessments on the web application. The custom domain option is one of the most valuable features I've found. This feature is incredibly helpful for the end-users of the web application. With the custom domain feature, you can change the lengthy link to a shorter, more memorable one. For example, instead of using a lengthy default link, you can customize it to something like imail.com, which is much easier to remember and share."
"Azure Application Gateway's most valuable feature is ease of use. The configuration is straightforward. It isn't difficult to adjust the size of your instances in the settings. You can do that with a few clicks, and the configuration file is the same way. You can also set rules and policies with minimal time and effort."
"The solution could improve by having better rules, they are very basic at the moment. There are more attacks coming and we have to use third-party solutions, such as FIA. The features are not sufficient to prevent all the attacks, such as DDoS. Overall the solution should be more secure."
"We haven't faced any problems with the solution."
"We need more support as we go global."
"AWS WAF would be better if it uses AI or machine learning to detect a potential attack or a potential IP that creates an attack even before it happens. I want AWS WAF to capture the IP and automatically write the rule to automate the entire process."
"I would like to see the addition of more advanced rate-limiting features in the next release. It would be beneficial to extend rate limiting beyond just web servers to the main node level."
"The area of reporting in the product needs to have a proper format."
"One area for improvement in AWS WAF could be the limitation on the number of rules, particularly those from third-party sources, within the free tier."
"This solution could be improved if the configuration steps were more specific to WAF, compared to other cloud services."
"The tool is a pain to deal with when it comes to the area of configuration."
"The pricing of the solution is a bit high. The solution should offer different pricing systems."
"Microsoft Azure Application Gateway's first deployment is complex. It needs to improve its pricing."
"For the first-time user, it is difficult to understand so the user-interface needs to be improved."
"The increased security that we are considering is because of some of the things that the security team has brought to our attention. They have pointed out that we would most likely require a better web application firewall than Azure Application Gateway."
"Application Gateway’s limitation is that the private and the public endpoint cannot use the same port."
"The product could be easier to use and implement."
"It could be more stable, and support could be better. It would also be better if they offered more features. For example, it lacks security features. Before we used another English solution, and we realized that some of the rules were not set up correctly and passed through the Application Gateway's English controllers. But the problem, in this case, is if you send ten rules, for example, six rules hit some issues. IP address blocking could be better. The rules, for example, don't work properly. If you have one issue, one rule or another rule will not work. This sounds like total madness to me."
More Microsoft Azure Application Gateway Pricing and Cost Advice →
AWS WAF is ranked 1st in Web Application Firewall (WAF) with 52 reviews while Microsoft Azure Application Gateway is ranked 2nd in Web Application Firewall (WAF) with 38 reviews. AWS WAF is rated 8.0, while Microsoft Azure Application Gateway is rated 7.2. The top reviewer of AWS WAF writes "A highly stable solution that helps mitigate different kinds of bot attacks and SQL injection attacks". On the other hand, the top reviewer of Microsoft Azure Application Gateway writes "High stability with built-in rules that reduce alerts and are easy to configure". AWS WAF is most compared with Azure Web Application Firewall, Imperva Web Application Firewall, F5 Advanced WAF, Cloudflare Web Application Firewall and Fortinet FortiWeb, whereas Microsoft Azure Application Gateway is most compared with Azure Front Door, Citrix NetScaler, F5 Advanced WAF, Cloudflare Web Application Firewall and HAProxy. See our AWS WAF vs. Microsoft Azure Application Gateway report.
See our list of best Web Application Firewall (WAF) vendors.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.